Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 3507
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 17 Jul 2024, 19:16


11. VI 2024.

Sveži mozilla-firefox i cups paketi za Slackware 15.0 i -current:

Code: Select all

patches/packages/mozilla-firefox-115.12.0esr-i686-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.12.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-26/
    https://www.cve.org/CVERecord?id=CVE-2024-5702
    https://www.cve.org/CVERecord?id=CVE-2024-5688
    https://www.cve.org/CVERecord?id=CVE-2024-5690
    https://www.cve.org/CVERecord?id=CVE-2024-5691
    https://www.cve.org/CVERecord?id=CVE-2024-5692
    https://www.cve.org/CVERecord?id=CVE-2024-5693
    https://www.cve.org/CVERecord?id=CVE-2024-5696
    https://www.cve.org/CVERecord?id=CVE-2024-5700
  (* Security fix *)

Code: Select all

patches/packages/cups-2.4.9-i586-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  When starting the cupsd server with a Listen configuration item pointing
  to a symbolic link, the cupsd process can be caused to perform an arbitrary
  chmod of the provided argument, providing world-writable access to the
  target.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-35235
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3507
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 17 Jul 2024, 19:16


12. VI 2024.

Sveži mozilla-thunderbird paketi za Slackware 15.0 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-115.11.1-i686-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/115.11.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/
    https://www.cve.org/CVERecord?id=CVE-2024-4367
    https://www.cve.org/CVERecord?id=CVE-2024-4767
    https://www.cve.org/CVERecord?id=CVE-2024-4768
    https://www.cve.org/CVERecord?id=CVE-2024-4769
    https://www.cve.org/CVERecord?id=CVE-2024-4770
    https://www.cve.org/CVERecord?id=CVE-2024-4777
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3507
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 17 Jul 2024, 19:17


22. VI 2024.

Sveži emacs paketi za Slackware 15.0 i -current:

Code: Select all

patches/packages/emacs-29.4-i586-1_slack15.0.txz:  Upgraded.
  Emacs 29.4 is an emergency bugfix release intended to fix a
  security vulnerability:
  Arbitrary shell commands are no longer run when turning on Org mode.
  This is for security reasons, to avoid running malicious commands.
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3507
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 17 Jul 2024, 19:18


01. VII 2024.

Sveži openssh paketi za Slackware 15.0 i -current:

Code: Select all

patches/packages/openssh-9.8p1-i586-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  Fix race condition resulting in potential remote code execution.
  For more information, see:
    https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
    https://www.cve.org/CVERecord?id=CVE-2024-6387
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3507
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 17 Jul 2024, 19:18


02. VII 2024.

Sveži httpd paketi za Slackware 15.0 i -current:

Code: Select all

patches/packages/httpd-2.4.60-i586-2_slack15.0.txz:  Rebuilt.
  This update is to fix a regression and to note security issues that were not
  listed in the CHANGES file included with the source code.
  Fixed a regression where a config file using AddType rather than AddHandler
  could cause raw PHP files to be downloaded rather than processed.
  Thanks to Nobby6.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4.60
    https://www.cve.org/CVERecord?id=CVE-2024-39573
    https://www.cve.org/CVERecord?id=CVE-2024-38477
    https://www.cve.org/CVERecord?id=CVE-2024-38476
    https://www.cve.org/CVERecord?id=CVE-2024-38475
    https://www.cve.org/CVERecord?id=CVE-2024-38474
    https://www.cve.org/CVERecord?id=CVE-2024-38473
    https://www.cve.org/CVERecord?id=CVE-2024-38472
    https://www.cve.org/CVERecord?id=CVE-2024-36387
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3507
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 17 Jul 2024, 19:19


03. VII 2024.

Sveži netatalk i httpd paketi za Slackware 15.0 i -current:

Code: Select all

patches/packages/netatalk-3.2.1-i586-1_slack15.0.txz:  Upgraded.
  Shared library .so-version bump.
  Fixed security issues that could lead to a denial of service or the
  execution of arbitrary code.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-38439
    https://www.cve.org/CVERecord?id=CVE-2024-38440
    https://www.cve.org/CVERecord?id=CVE-2024-38441
  (* Security fix *)

Code: Select all

patches/packages/httpd-2.4.61-i586-1_slack15.0.txz:  Upgraded.
  This update contains the fix for the 2.4.60 regression, which has also
  been assigned a CVE. We fixed this already, but we'll make it official.
  For more information, see:
    https://downloads.apache.org/httpd/CHANGES_2.4
    https://www.cve.org/CVERecord?id=CVE-2024-39884
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3507
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 17 Jul 2024, 19:20


13. VII 2024.

Sveži mozilla-firefox paketi za Slackware 15.0 i -current:

Code: Select all

patches/packages/mozilla-firefox-115.13.0esr-i686-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/115.13.0/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2024-30/
    https://www.cve.org/CVERecord?id=CVE-2024-6600
    https://www.cve.org/CVERecord?id=CVE-2024-6601
    https://www.cve.org/CVERecord?id=CVE-2024-6602
    https://www.cve.org/CVERecord?id=CVE-2024-6603
    https://www.cve.org/CVERecord?id=CVE-2024-6604
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 0 guests